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Server \ 
f Authenticates J 
\Secunty Device/ 



Get serial number 
from security ' 
device. 



%oz 




Yes 



Get <*KC 
for serial number. 



Get time and date 
from cfock/ 
calendar. ' 



%0% 



Compute 
challenge. 



-Wo 



Compute expected 
response. 



Send challenge to 
secunty device. 
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W Terminate session J 



F 



3 M 



/Security Device^ 
/ Responds to 
\ Authentication 
\ Challenge 



Get )<cy 
from security logic 



Compute response 

Kef 




Send fr^fixfr^ 

saw 



Done 



/Server UpdateX 
I of Security Device \ 
I Current and J 

\ExpiratJon Dates/ 



Get expiration date 
from user 
database- 



Get current date 
from clock/ 
calendar f 



Encrypt expiration 
date and current 
date. , 



Unlock security 



Yes 



Send encrypted 

dates to the 
security device 



Lock security 
device memory. 



Done 
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Server Unlocks 
Security Device 
v Memory 



Get serial number 
from the security 
device. 



Get t*\cr*Ko{y 
key from the user 
database. 



Get current time 
and date from the 
clock/calendar. - 



Get the current 
cryptogram from 
the security „ 
device. 



Compute the 
unlock message 
and response . 
values. 



Send the memory 
unlock message to 
the security ^ 
device. 




/Security device\ 
updates the \ 
current and 1 
expiration dates I 
\ received from the / 
server. / 



Decrypt current 
and expiration 
date received from 
the server 




Store dates in non- 
volatile memory. 



Done 



Server locks \ 
security device J 



Send memory lock 
command to 
security device. 



pi 



Done 



Yes 



Security Devjce\ 
lock Jca\tt)i{ } 




No 



Disable access to 



%1® 



Done 
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f Application 
/ Updates Current 
\ Date In Security 
V Device 



Is the 
r security device ^ 
^requesting date^ 
^and time . 



-No— 



Done 



Yes 
I 

Get date and time 
from clock/ 
calendar. 



Send date and 
time to security 
device. « 



Done 
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Server encrypts 
asset 



Get time and date 
from clock/ 
calendar 



Generate 
encryption key. 



Encrypt asset/ 
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C 



Store encrypted 
}*\ database. 



Done 



Server delivers \ i -v \ 

asset. J ( O * 



Get asse^ a&$t\ 
key and indication 
of owned or rented 
status from asset 
database 



Get user Key 
for security device 
from user databse. 




Encrypt asset key 
and rental flag 
using user 
key. 



Send encrypted 
key and flag to 



Send encrypted 
asset 4o /' 



Done 
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f Application \ 
/extracts asset key\ 
\ from security / 
V device. / 



)0' 



Send encrypted 
asset key and 
rental flag ro 

security device. 



Get response from 
security device. 



Extract asset key 

from security 
device response- 



Id t% 




Yes- 



Notify user that 
asset has expired. 



Done 
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Application 
decrypts asset 



Initialize 
decryption 
algorithm with 
asset key received 
from security 
device. 



Decrypt memory 
copy of. 



/ Security device \ 
I extracts asset key J 



Receive encrypted 
asset key and 
f*whl nag. ' 



Get user ^/ 
from secure 
memory. 



Decrypt asset key 
and ^cn+ii 




asset key. 



Return indication 
of subscription 
expired. 



Done 
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